package com.itheima.health.config;

import com.itheima.health.security.SecurityUserDetailsService;

import com.itheima.health.until.Md5Utils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@Slf4j
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private SecurityUserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // 关闭防CSRF攻击
        http .csrf().disable()
               // 设置登录相关配置
                .formLogin()
                    .loginProcessingUrl("/sec/login") // 登录请求地址
                    .failureForwardUrl("/user/loginFail") // 登录失败转地址
                    .successForwardUrl("/user/success") // 登录成功转发地址
                    .loginPage("http://localhost:8080/pages/login.html") // 登录页地址
                // 设置登出相关配置
                .and().logout()
                    .logoutUrl("/sec/logout") // 登出请求地址
                .logoutSuccessUrl("http://localhost:8080/pages/login.html"); // 登出成功后跳转地址
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 设置自定义的UserDetailService
        auth.userDetailsService(userDetailsService).passwordEncoder(new PasswordEncoder() {
            @Override
            public String encode(CharSequence charSequence) {

                return null;
            }

            @Override
            public boolean matches(CharSequence charSequence, String encodedPassword) {
                log.info("进入比较方法");

                BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
                String password1 = encodedPassword.substring(1, encodedPassword.length() - 1);
                boolean flag = bCryptPasswordEncoder.matches(charSequence, password1);
                if (flag){
                    log.info("第一个密码正确");
                    return true;
                }
                log.info("比较完成");
                String password2="<"+Md5Utils.getMd5Code((String) charSequence)+">";
                log.info("[]password2:{}",password2);
                String password3="md5_<"+Md5Utils.getMd5Code((String) charSequence)+">";
                log.info("[]password3:{}",password3);
                String  password4 = encodedPassword.substring(9, encodedPassword.length() - 1);
                boolean flag2 = bCryptPasswordEncoder.matches(charSequence, password4);
                if (flag2){
                    return true;
                }
                log.info("[]password4:{}",password4);
                if (
                        encodedPassword.equals(password2)||
                        encodedPassword.equals(password3)
                        ){
                    return true;
                }



                return false;
            }
        });
    }
}
